One workspace. Every endpoint.

Introduction

The AITIZER API is organized around REST. Every table, column, record, view, agent and action in your workspace is programmable — the same surface our own app, the Vibe Builder and your AI agents use.

All requests are served over HTTPS from your workspace’s base URL and accept / return JSON.

https://api.aitizer.com

Three protocols are available on the same data: the REST API for classic integrations, a native MCP server (JSON-RPC 2.0) for AI agents and MCP clients like Claude, and a WebSocket realtime channel for live updates.

Authentication

Authenticate with a workspace-scoped token in the Authorization header. Tokens are created in your workspace and can also be sent as X-MCP-Token.

curl https://api.aitizer.com/functions/v1/rest-api/tables \
  -H "Authorization: Bearer $AITIZER_TOKEN"

Token types

Per-table permissions

Every token carries an explicit permission grid per table — nothing is implicit:

Errors

AITIZER uses conventional HTTP status codes, and data-layer errors are returned in a predictable envelope so your client can branch on error.code.

{
  "data": null,
  "error": {
    "message": "No rows found",
    "code": "PGRST116"
  }
}

Status codes

Credits & limits

AI work — LLM tokens, ElevenLabs voice characters, Whisper transcription and embeddings — is metered against your workspace wallet. Plain REST calls are not AI-metered.

Every call is also written to an audit log (api_usage_logs) with the endpoint, method, table, status code and token used — so you can attribute every byte of usage.

Tables

Tables are the core container. Creating one provisions a real Postgres table behind the scenes.

List every table in the workspace your token can see.

curl -X POST https://api.aitizer.com/functions/v1/rest-api/tables \
  -H "Authorization: Bearer $AITIZER_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Customers",
    "icon": "Users",
    "columns": [
      { "name": "Name",  "type": "text" },
      { "name": "Email", "type": "text" },
      { "name": "Status", "type": "single_select",
        "options": [ { "id": "active", "label": "Active", "color": "green" } ] }
    ]
  }'

{
  "id": 123,
  "name": "Customers",
  "icon": "Users",
  "pg_table_name": "data_123_456",
  "created_at": "2026-06-11T12:00:00Z"
}

Permanently deletes the table and all of its data.

Columns

Partial update — send only the fields you want to change.

Records

Query parameters

Creating a record runs the table’s automation pipeline: formulas compute, action columns fire, embeddings update — the row executes itself.

curl -X POST https://api.aitizer.com/functions/v1/rest-api/tables/123/records \
  -H "Authorization: Bearer $AITIZER_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{ "row_data": { "col_789": "ada@acme.com", "col_790": "active" } }'

{
  "id": 999,
  "row_data": { "col_789": "ada@acme.com", "col_790": "active" },
  "created_at": "2026-06-11T12:00:00Z",
  "created_by": "user-uuid"
}

Recompute a single formula / computed column for one record — useful for previews and testing.

Views

Six view types render the same rows: grid, kanban, gallery, form, calendar and timeline (Gantt).

Run actions

Trigger action columns (HTTP, AI, cross-table operations) on demand for one or many records — the same engine the grid uses.

{
  "results": [
    { "record_id": 999, "column_id": 456, "success": true, "result": "..." }
  ]
}

Column types

22 column types in three families. Data columns store, computed columns derive, action columns execute.

Data

Computed

Actions

Example — an AI column

{
  "name": "Analyze with AI",
  "type": "ai_agent",
  "agentId": 7,
  "prompt": "Score this lead from 0-100 and explain why:\n{Feedback}",
  "executeOnCreate": true,
  "executeOnEdit": false
}

Example — a rollup

{
  "name": "Total Spent",
  "type": "rollup",
  "rollupRelationColumnId": "col_orders",
  "rollupTargetColumnId": "col_amount",
  "rollupAggregator": "sum"
}

Template tags

Anywhere an action takes text — URLs, bodies, prompts, field mappings — you can reference the current row with tags. Tags resolve at execution time.

POST https://api.example.com/process?id={$item.id}
Body: { "name": "{Name}", "amount": {Amount} }

Execution model

Action columns execute in position order, left to right — the grid is the pipeline.

Safety

Circular dependencies between columns are detected and blocked — a formula cannot reference itself, and loops cannot nest loops. Every execution is logged per record and column, and you can test on a sample row from the UI before going live.

Integrations

27 ready integrations ship as action catalogs — each exposes typed actions you map to your columns. The list is unlimited: any HTTP endpoint can be registered as a custom action.

Credential modes

AI Agents

An agent is a configured LLM with memory, tools, knowledge, a voice and explicit permissions over your tables.

Agent channels

One agent, four channels: web iframe, web embed, WhatsApp Cloud and Telegram. All hit the same webhook.

{
  "session_id": "web_3f1c...",
  "message": "I want a quote for 50 seats"
}

{
  "reply": "Great - what company are you with?",
  "session_id": "web_3f1c...",
  "audio_response": "<base64 mp3, if voice is on>",
  "tool_calls": []
}

WhatsApp (type=whatsapp) handles Meta’s verification handshake and message payloads; Telegram (type=telegram) auto-registers its webhook and supports text, voice notes (transcribed with Whisper) and photos (vision). Sessions are persistent per user: wa_<phone>, tg_<chat>, web_<uuid>, with the last 20 messages as memory.

Intake / lead capture

Intake fields make the agent collect data before the conversation starts — and it will not move on until every required field is answered and valid.

When the last field is collected the lead row is created automatically — then the normal conversation begins.

Knowledge & tools

Knowledge base

Attach Markdown documents to an agent (inline or uploaded). They are injected into the system prompt as reference material, with a smart budget so context never explodes.

Custom tools

Give an agent typed tools the LLM can call — three kinds:

{
  "name": "create_ticket",
  "description": "Open a support ticket for the current customer",
  "kind": "http",
  "http_config": {
    "method": "POST",
    "url": "https://api.example.com/tickets",
    "body": "{ \"subject\": \"{subject}\", \"priority\": \"{priority}\" }"
  },
  "input_schema_json": {
    "type": "object",
    "properties": {
      "subject":  { "type": "string" },
      "priority": { "type": "string", "enum": ["low", "high"] }
    },
    "required": ["subject"]
  }
}

Voice

Agents speak with ElevenLabs (eleven_multilingual_v2) and listen with Whisper. Voice replies return as MP3 alongside the text; voice notes on Telegram are transcribed automatically.

Returns binary audio/mpeg. Characters are metered against the workspace wallet.

Vectorization

Enable the vectorizer on any table and every record is embedded automatically — on create, on update, removed on delete. No external vector DB to run: embeddings live in Postgres (pgvector, 1536 dims).

Models: text-embedding-3-small (default), text-embedding-3-large, ada-002 — selectable per table.

Semantic search

curl -X POST https://api.aitizer.com/functions/v1/vectorize \
  -H "Authorization: Bearer $AITIZER_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "action": "search",
    "table_id": 123,
    "query": "unhappy enterprise customers asking for refunds",
    "limit": 5
  }'

{
  "results": [
    {
      "record_id": 412,
      "content_text": "Name: Acme Corp\nPlan: Enterprise\nLast note: requested refund...",
      "similarity": 0.89
    }
  ],
  "tokens_used": 12
}

Under the hood this is a cosine-similarity match (match_embeddings) over your table’s vectors — RAG without the plumbing.

Realtime

Subscribe to row-level changes over WebSocket — a LISTEN/NOTIFY bridge straight from Postgres.

{
  "type": "subscribe",
  "subId": "sub-1",
  "table": "app_tables",
  "event": "*",
  "filter": "workspace_id=eq.456"
}

{
  "type": "change",
  "subId": "sub-1",
  "payload": {
    "eventType": "INSERT",
    "new": { "id": 123, "name": "New Table" },
    "old": null
  }
}

Storage

Workspace file storage with public and authenticated buckets (branding-assets, agent-avatars, attachments…).

Upload binary or multipart. Returns the storage key and a public URL.

MCP server

AITIZER ships a native MCP server — the open protocol that lets AI agents (ours, yours, or Claude itself) act on your workspace with real, scoped permissions.

JSON-RPC 2.0. Authenticate with Authorization: Bearer or X-MCP-Token.

{
  "jsonrpc": "2.0",
  "id": "1",
  "method": "tools/call",
  "params": {
    "name": "create_record",
    "arguments": {
      "table_id": 123,
      "fields": { "Name": "Ada Lovelace", "Status": "Active" }
    }
  }
}

Writes respect field-level AI control: columns flagged ai_populates: false are silently stripped — the model can never touch fields you own.

MCP tools

19 tools, named exactly as the server exposes them:

user_mcp tokens see only the safe data subset (reads, record writes, sql_query, compute_cell); schema and admin tools require a full token.

Permissions

Roles

Row-level security

Every query runs through Postgres RLS policies (is_workspace_member, has_role) — isolation is enforced by the database, not by application code.

Field-level AI control

White-label

Each workspace carries its own brand — your clients (and their clients) see your product.

Combine with scoped rest_api / user_mcp tokens per client and per-table permission grids, and every client of yours gets an isolated, branded, API-ready workspace.